Ecosystem	Package	Version

Vulnerabilities

sonatype-2026-000415

sonatype-2026-000415

Malicious Packages - Thu Feb 12 2026 [Info Stealer]

Published Feb 12, 2026

https://help.sonatype.com/en/sonatype-malware-data.html https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-882.json https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2026-883.json

CVSS ScoreMedium

5.3

Ecosystem	Package	Version


npm	despicable-me	0.0.1-security
npm	despicable-me	1.0.1
npm	despicable-me	1.0.2
npm	despicable-me	2.0.0
npm	despicable-me	3.0.0
npm	ecosystem_ui	0.0.1-security
npm	ecosystem_ui	10.0.1
npm	ecosystem_ui	11.0.0
npm	ecosystem_ui	90.9.9
npm	ecosystem_ui	99.9.8
npm	ecosystem_ui	99.9.9
npm	swiper-lint	2.0.1

sonatype-2026-000415 | Components Impacted | Sonatype Guide | Sonatype Guide